package com.boho.system.acl;


import java.sql.Connection;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import cn.boho.framework.acl.ACLPolicy;
import cn.boho.framework.acl.AccessControlManage;
import cn.boho.framework.acl.ResourceImpl;
import cn.boho.framework.acl.RoleImpl;
import cn.boho.framework.acl.UserImpl;
import cn.boho.framework.connection.ConnectionHelper;
import cn.boho.framework.context.ActionContext;
import cn.boho.framework.context.DataContext;
import cn.boho.framework.core.FrameworkConstant;
import cn.boho.framework.log.LogService;
import cn.boho.framework.log.Logger;
import cn.boho.framework.po.DynaBeanMap;

import com.boho.common.Constant;
import com.boho.system.dao.TSysActionDao;
import com.boho.system.service.PermissionService;





public class JSonACLPolicy implements ACLPolicy {
	
	private static Logger logger = LogService.newInstance().getLogger(JSonACLPolicy.class.getName());
	
	public int isAccess(ServletRequest request, ServletResponse response, DataContext context) {
		ActionContext atx = (ActionContext) context;
		String actionName = atx.getActionName();
		logger.debug("权限验证ACTION_NAME:"+actionName);
		//无session匿名操作
		boolean blnAnonymous = FrameworkConstant.hashSetAnonymous.contains(String.valueOf(FrameworkConstant.CHANNEL_JSON)+"_"+actionName);
		if (blnAnonymous) {
			logger.debug("无session匿名权限信息");
			return AccessControlManage.PASS_OK;
		}
		//有session匿名操作
		boolean blnAnonymousSession = FrameworkConstant.hashSetAnonymousSession.contains(String.valueOf(FrameworkConstant.CHANNEL_JSON)+"_"+actionName);
		if (blnAnonymousSession) {
			logger.debug("有session匿名权限信息");
			return AccessControlManage.PASS_OK;
		}
		//查询登陆用户的操作权限
		Map<String,String> mapAction = null;
		try {
			mapAction = PermissionService.queryPermissionByLoginUser(atx);
		} catch (Exception e) {
			logger.error(e.getMessage());
			e.printStackTrace();
		}
		if(mapAction != null){
			if(mapAction.containsValue(actionName)){
				return AccessControlManage.PASS_OK;
			}
		}
		return AccessControlManage.ERROR_ACL_2;
	}

	@SuppressWarnings("unchecked")
	public void init(Map map) {
		Connection con = null;
		try {
			con = ConnectionHelper.getConnection();
			//所有功能对应的操作
			List actionList = TSysActionDao.queryActionByFunctionLevel(con);
			DynaBeanMap actionDbm = new DynaBeanMap();
			if(actionList != null){
				int size = actionList.size();
				for(int i = 0; i < size; i++){
					DynaBeanMap dbmActions = (DynaBeanMap)actionList.get(i);
					String actionName = (String)dbmActions.get("ACTION_NAME");
					Integer funLevel = (Integer)dbmActions.get("FUNCTION_LEVEL");
					if(!"".equals(actionName)){
						int level = (int)funLevel;
						switch(level){
							case 1 : 
								FrameworkConstant.hashSetAnonymous.add(FrameworkConstant.CHANNEL_JSON + "_" + actionName);
								break;
							case 2 :
								FrameworkConstant.hashSetAnonymousSession.add(FrameworkConstant.CHANNEL_JSON + "_" + actionName);
								break;
						}
						String pkFun = (String)dbmActions.get("FUNCTION_ID");
						List list = null;
						if(actionDbm.containsKey(pkFun)){
							list = (List)actionDbm.get(pkFun);
						}
						else{
							list = new LinkedList();
						}
						list.add(dbmActions);
						actionDbm.put(pkFun, list);
					}
				}
				Constant.actionDbm = actionDbm;
			}
		} catch (Exception e) {
			logger.error(e.getMessage());
			e.printStackTrace();
		} finally {
			if(con != null){
				cn.boho.framework.connection.ConnectionHelper.finalRelease(con);
			}
		}
	}

	public UserImpl getAnonymousUser(Connection arg0) {
		return null;
	}

	public ResourceImpl[] getResourcesByRoleUid(Connection arg0, Object arg1) {
		return null;
	}

	public RoleImpl[] getRolesByUserUid(Connection arg0, Object arg1) {
		return null;
	}

	public UserImpl getSystemUser(Connection arg0) {
		return null;
	}

	public boolean needAccessControl(UserImpl arg0) {
		return false;
	}
}